Justin's repositories
flow-indexer
Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
can-i-use-afpacket-fanout
Validate if afpacket PACKET_FANOUT_HASH is working properly
ssh-auth-logger
A low/zero interaction ssh authentication logging honeypot
bannerscanner
simple tcp port scanner + banner grabber
zeek-log-filtering
A bunch of examples of zeek log filtering
zeek-jemalloc-profiling
a zeekctl plugin that helps configure MALLOC_CONF for profiling
credit-card-exposure
Detect credit card exposures with Bro
CVE-2020-14882-weblogicRCE
Detection of RCE in Oracle's WebLogic Server CVE-2020-14882 / CVE-2020-14750
go-opendecompress
like os.Open, but automatically decompress files
package-manager
A package manager for Zeek
partial_md5
Figure out if it's possible to truncate a large file so that it has a particular md5.
pcap_simplify
pcap format simplification stuff
raspi-corelight
Corelight@Home script
ssh-auditor
The best way to scan for weak ssh passwords on your network
zeek-long-connections
Zeek package for tracking long connections to report them before they have completed.